package com.xsr.shiro;

import com.xsr.mapper.UserDao;
import com.xsr.pojo.User;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthenticatingRealm;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

/**
 * @author 邢式瑞
 * @version 1.0
 * @project sssm
 * @date 2022/9/17 10:26
 */
public class MyRealm extends AuthorizingRealm {
    @Autowired
    private UserDao userDao;
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        return null;
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        char[] password = (char[])authenticationToken.getCredentials();
        String username = (String)authenticationToken.getPrincipal();
      User user=  userDao.selectByUsername(username);
      if(user==null){
          throw  new RuntimeException("用户不存在");
      }
       String  password1=new String(password);
        if(!password1.equals(user.getPassword())){
            throw new IncorrectCredentialsException("密码不正确");
        }
        if(0==user.getStatus()) {
            throw new LockedAccountException("账户被锁定");
        }
        AuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(user, password, this.getName());
         return authenticationInfo;
    }
}
